Pass the ISC certification CC Questions and answers with ExamsMirror

Modern firewalls operate at Layers 3, 4, and 7, supporting packet filtering, stateful inspection, and application-layer filtering.

When a mail server sends email to another mail server, it acts as anSMTP client. In the Simple Mail Transfer Protocol (SMTP), roles are defined by behavior, not by the system’s primary function.

The sending system initiates the connection and issues SMTP commands, which makes it the client for that transaction. The receiving mail server listens for incoming connections and acts as the SMTP server.

Mail servers routinely switch roles depending on the direction of communication. A single system may act as an SMTP server when receiving mail and as an SMTP client when sending mail.

Understanding SMTP roles is important for configuring mail security controls such as firewalls, TLS enforcement, spam filtering, and authentication. Security professionals must recognize that “client” and “server” are session-based roles, not permanent system identities.

Ransomware affects victims’ files primarily byencryptingthem, rendering the data inaccessible without a decryption key. Attackers then demand a ransom in exchange for restoring access.

While modern ransomware may also steal data, encryption is the defining characteristic of ransomware attacks. Destroying or selling files is not the primary mechanism.

Strong backups, access controls, and endpoint protection are key defenses against ransomware, as emphasized by NIST and CIS.

A Content Delivery Network (CDN) provides the greatest resilience against large-scale DDoS attacks by distributing traffic across a globally dispersed network of edge servers. CDNs absorb and filter malicious traffic before it reaches the origin infrastructure.

Increasing servers or bandwidth helps only to a limited extent and can still be overwhelmed by volumetric attacks. IPS-based mitigation is effective for smaller attacks but is not designed to handle massive distributed floods. CDNs combine traffic absorption, rate limiting, caching, and threat filtering at scale.

Major CDNs operate with terabits of capacity and specialized DDoS defenses, making them highly effective against attacks that would cripple individual organizations.

For public-facing applications, CDNs are considered a best-practice defensive control against availability attacks.

When restoring operations after a disaster,most critical systemsmust be restored first. Systems enable business functions, and without them, functions cannot operate.

Disaster recovery focuses on restoring IT infrastructure in priority order based on business impact analysis (BIA). While functions are important, they depend on systems to operate. Management and least critical functions are lower priorities.

NIST and ISO/IEC business continuity standards emphasize restoring mission-critical systems first to minimize downtime and financial loss.

GDPR directly addresses privacy, while FIPS and MOUs can also relate to privacy controls and data handling requirements.

Microsoft SQL Server commonly uses TCP port 1433, which falls in the registered port range.

Hashing ensuresintegrityby allowing detection of unauthorized changes to data.